
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Results 758 codeql issues

Bumps [tree-sitter](https://github.com/tree-sitter/tree-sitter) from 0.20.10 to 0.22.6. Release notes Sourced from tree-sitter's releases. v0.22.6 [0.22.6] — 2024-05-05 Features Improve handling of serialization buffer overflows (tree-sitter/tree-sitter#3318) Reverse iteration through node parents (tree-sitter/tree-sitter#3214)...

dependencies
QL-for-QL
rust

Please enable CodeQL SAST scans and notifications by default on all GitHub repositories, like Dependabot. There are millions of projects with vulnerabilities that the owners and downstream users are unaware...

question

The nature of the C# driver means that it needs to see all csc invocations for a build. Today that is achieved by [disabling shared compilation][shared] during build. That unfortunately...

question
C#

The "Code security and analysis" personal org settings page lists several options for Dependabot SCA third party security scans, but lists no option for CodeQL SAST first party security scans....

question
awaiting-response

For an ordinary path-problem query, it is a requirement that at least one sink exists, otherwise there is nothing to alert on. Thus the optimization with checking `isSink(_, this, _)`...

JS
Awaiting evaluation

**Description of the issue** I do it in Ubuntu, and node.js=20.12.0.
[2024-04-29 14:08:41] [build-stdout] Extracting /home/hhh/JScodeql/extractead_packages/@superfluid-finance/sdk-core/package/dist/main/subgraph/subgraphQueryHandler.d.ts
[2024-04-29 14:08:41] [build-stderr] Exception while extracting /home/hhh/JScodeql/extracted_packages/@superfluid-finance/sdk-core/package/dist/main/subgraph/subgraphQueryHandler.d.ts.
[2024-04-29 14:08:41] [build-stderr] com.semmle.util.exception.CatastrophicError: The TypeScript parser wrapper...

question
JS

A false positive of "Slice memory allocation with excessive size value" in Go (Rule ID: go/uncontrolled-allocation-size). It's a false positive, because the length of the allocated slice is explicitly limited...

false-positive
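To make the distinction in the false-positive report above concrete, here is an added Go example (not code from the issue or from the CodeQL project). It places the pattern go/uncontrolled-allocation-size is meant to catch, a slice length taken directly from untrusted input, beside the clamped variant the reporter describes, where the length is explicitly limited before `make`. The `maxAlloc` constant and the function names are hypothetical choices for this example.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
)

// maxAlloc is an assumed per-request ceiling on allocation size
// (hypothetical value picked for this example).
const maxAlloc = 64 * 1024

// unboundedAlloc is the shape the query alerts on: the slice length comes
// straight from attacker-controlled text, so an input such as "9999999999"
// can drive the process into an out-of-memory crash.
func unboundedAlloc(sizeParam string) ([]byte, error) {
	n, err := strconv.Atoi(sizeParam)
	if err != nil || n < 0 {
		return nil, errors.New("bad size")
	}
	return make([]byte, n), nil // length never limited: a true positive
}

// boundedAlloc clamps the parsed length to maxAlloc before allocating. The
// allocation is still tainted by user input, but its size can no longer be
// excessive; this is the situation the issue above reports as a false
// positive when the query still flags it.
func boundedAlloc(sizeParam string) ([]byte, error) {
	n, err := strconv.Atoi(sizeParam)
	if err != nil || n < 0 {
		return nil, errors.New("bad size")
	}
	if n > maxAlloc {
		n = maxAlloc // explicit upper bound on the slice length
	}
	return make([]byte, n), nil
}

func main() {
	// Constructed sample inputs: small, oversized, and invalid.
	for _, in := range []string{"16", "1000000", "-1"} {
		b, err := boundedAlloc(in)
		fmt.Printf("boundedAlloc(%q) -> len=%d err=%v\n", in, len(b), err)
	}
}
```

When triaging such an alert, check whether every path from the parsed integer to `make` passes through a guard like the one in `boundedAlloc`; if it does, the finding is a candidate for a sanitizer or barrier in the query rather than a code change.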

Based on [this PR](https://github.com/github/codeql/pull/15386). Contains a prototype instantiation of Ruby.

JS
Ruby